AnyConnect server on WAN 2 only?

stefliesmons
New here


We have an existing port forwarding for 443 and would like to keep this default port for the AnyConnect setup.

Is it possible to let the AnyConnect server listen on WAN 2 only? The incoming port forward of 443 is already limited to WAN 1 and should not be conflicting with WAN 2.

Tx

KarstenI
Kind of a big deal

No, the AnyConnect service always runs on the primary active WAN connection. You could:

  • use WAN2 for your actual forwarding (only a little change on the MX and probably an adjustment of DNS) and WAN 1 for AnyConnect
  • or set WAN2 as primary and use flow preferences to steer traffic to WAN1
  • or ask your WAN1-ISP for additional IPs and reconfigure the MX IP to something new and configure the forwarding for the old IP
  • or use a different AnyConnect port

Hi Karsten,

I use your first scenario now but the AnyConnect still says the port 443 is in use.

The port forwarding is set exclusively on Internet 2 (WAN 2) with a different fixed WAN IP and adapted DNS records. This forwarding is working fine on the WAN 2.

The AnyConnect setup wizard should detect that the WAN1 does NOT have any port forwarding going on on 443, but it does not...

Just thought again about this. Yes, the MX wants to have control of this port on both WANs because it wants to move the service to the other WAN on a WAN failure. So there is probably only the third and fourth option available.

Tried to reverse the setup, disabled the forwarding, set up the AnyConnect, and then re-enabled the forwarding on Internet2 again, but it gets refused as well in that order...

Shame the AnyConnect UI does not have the WAN interface option like the Forwarding does!

Dudleydogg
A model citizen

Right. Crap, well, that is not ideal. I can't use 443 for any other services.
